Monday, July 6, 2020

Snort rule update for July 6 includes coverage for F5 BIG-IP vulnerability

Cisco Talos just released Snort coverage for a prominent vulnerability in F5’s BIG-IP.

BIG-IP is one of the most popular networking products on the modern market. This product is used to shape web traffic, access gateways, limit rates and much more. F5 disclosed a remote code execution over the weekend that was assigned a maximum 10 out of 10 severity score.

CVE-2020-5902 is a remote code execution vulnerability in BIG-IP's configuration interface. Users are urged to make their interfaces inaccessible to the internet and patch as soon as possible. The latest Snort rule set also includes rules 54462 to protect users from the exploitation of this vulnerability.